AI Security Review
scanned 4h ago · by lpm-firewall-aiOn automatic session recovery, configured Facebook credentials are sent to a non-Facebook third-party endpoint. The package also performs a network update check during login and contains an optional npm installer.
Static reason
One or more suspicious static signals were detected.
Trigger
Call `login`/`loginAsync` with expired session state and configured auto-login credentials.
Impact
Facebook password, email, and optional two-factor code can be exfiltrated to the external service.
Mechanism
Credential forwarding to a package-author-controlled external login API.
Attack narrative
The CommonJS entrypoint loads `dist/index.js`. During login recovery, default-enabled auto-login reads credentials from `fca-uzair.json` and calls `tokens`, which posts the email, password, and optional 2FA code to `https://uzair.site/api/v1/facebook/login_ios`. That endpoint returns Facebook session cookies/tokens, making the package an intermediary for account credentials rather than a direct Facebook client.
Rationale
Direct source inspection confirms a concrete credential-exfiltration path to a non-Facebook author-controlled service, activated by the package's automatic login-recovery behavior. This exceeds the expected attack surface of a Facebook API client.
Evidence
package.jsondist/cjs.cjsdist/index.jsdocs/DOCS.mdfca-uzair.example.jsonfca-uzair.json
Network endpoints1
uzair.site/api/v1/facebook/login_ios
Decision evidence
public snapshotAI called this Malicious at 96.0% confidence as Malware with low false-positive risk.
Evidence for block
- `dist/index.js` defaults API auth to author-controlled `https://uzair.site`.
- `loginViaAPI3` POSTs supplied email, password, and optional 2FA to `/api/v1/facebook/login_ios`.
- Default `autoLogin` is enabled; failed/expired Facebook sessions invoke the external credential API when configured credentials exist.
- `loginAsync` runs a default-enabled update check before user login; it can execute `npm i` when config enables install.
Evidence against
- `package.json` has no preinstall, install, or postinstall hooks.
- Remote-control WebSocket requires explicit `remoteControl.enabled` and a user-provided URL.
- The npm update request targets the configured npm registry and default install is false.
Behavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShellWebSocket
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcedist/index.jsView file
12820return new Promise((resolve, reject) => {
L12821: (0, import_node_child_process.execFile)(npmCommand, ["i", dependency], { cwd: process.cwd() }, (error, _stdout, stderr) => {
L12822: if (error) {
High
36Cross-file remote execution chain: dist/index.js spawns dist/index.mjs; helper contains network access plus dynamic code execution.
L36: // src/func/logger.ts
L37: function writeStdout(message) {
L38: process.stdout.write(`${message}
L39: `);
...
L55: function getTheme() {
L56: const fromEnv = String(process.env.FCA_LOG_THEME || "").toLowerCase();
L57: if (fromEnv === "minimal") return "minimal";
...
L135: const parts2 = parseLabel(message, "READY");
L136: const bodyOut2 = parts2.label === "READY" ? formatSuccessBody(parts2.body, grad, styles.text) : grad ? grad.coolStatus(parts2.body) : styles.text(parts2.body);
L137: const labelOut2 = grad ? grad.coolStatus(padLabel(parts2.label)) : styles.text(padLabel(parts2.label));
...
L1525: const ua = options?.userAgent || "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36";
L1526: const referer = options?.referer || "https://www.facebook.com/";
High
Cross File Remote Execution Context
Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/index.jsView on unpkg · L36Findings
3 High2 Medium4 Low
HighChild Processdist/index.js
HighShell
HighCross File Remote Execution Contextdist/index.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings